Skeith
Hardware Tinkerer
2
MONTHS
2 2 MONTHS OF SERVICE
LEVEL 2
1000 XP
Okay im going to try and explain how to get combos using SQLi dumper and crack the hashed passwords after with steps (:
( recommend using SQLi dumper on a RDP or VPS or using a VPN )
FORGOT TO MENTION SQLI DUMPER HAS A PRETTY DECENT PROXY CHECKER IN "TOOLS & SETTINGS" USE IT Cracking Hashed Passwords (MD5 Hashed)
Step 1: To crack passwords download, hashcathttps://hashcat.net/hashcat/ (choose hashcat binaries download) click on "v2.00" to download
EXAMPLE:
Step 2: Extract hashcat to a folder on your desktop using 7zip. Once extracted, go into hashcat folder and create 2 new .txt filesand 1 new folder file. Name one .txt file "hashes" and the other "cracked". Name the folder"wordlists".
Step 3: Go get some wordlists to put into your wordlist folder. type"hashcat wordlist" into google and grab all you can (: any word or password can be used in your wordlist. make it nice and big lots of gigs if possible the more the better.
Step 4: Once you have wordlists in your wordlist folder you created, you are ready to start and trycracking. go grab a combo you got from SQLi Dumper that was hashed and copy and paste it into the "hashes.txt" file you created.
Step 5: opencmd by going to yourstart button on your desktopandclick it then type "cmd"thenright click the one that says cmd & open as administrator ( I needed to for my pc, you might not need to for yours )
Step 6: when the cmd window is open. first thing is type CD then click space. anddrag your main hashcat folder right onto the cmd window then press enter.
hashcat.exe-m 0 --usernamehashes.txtwordlist.folder
( Blue color is what gets dragged not typed )
Step 7: cmd is now inside hashcat, if you are using a 32 bit PC drag hashcat-cli32.exe into the cmd window now. if you are64 bit drag hashcat-cli64.exe instead. press space and type-m 0 --username press space and drag your "hashes.txt" over, press space again and drag your wordlist folder over into cmd windows as well.press space then enter it will startCracking the hashed combo you had in your hashes.txt with the wordlists you have in yourwordlist folder.
hashcat.exe-m 0 --username --showhashes.txt--outfile-format=2 -ocracked.txt
( Blue color is what gets dragged not typed )
Step 8: once it has finished. justkeep cmd window open and again drag your 32 or 64 bit exe over first. then press space and type-m 0 --username --show press space and drag your "hashes.txt" file over press space and then type --outfile-format=2 -o press space anddrag your "dehashed.txt" file over then press space and press enter. your combo should now appear in your cracked.txt file with theusernames:passwords dehashed (:
Step 9: If theylook like a mess in the cracked.txt file, like "user:passuser:passuser:pass" then just download Notepad++ https://notepad-plus-plus.org/download/v6.9.1.html
and open notepad++ and copy and paste the cracked.txt file combos into notepad++ and they will all look all in neat order now (: then just click save as and save it as something new and it will come out as user:pass Instead so you can now run it on a combo checker.
user:pass
user:pass
THERE ALL DONE
( recommend using SQLi dumper on a RDP or VPS or using a VPN )
FORGOT TO MENTION SQLI DUMPER HAS A PRETTY DECENT PROXY CHECKER IN "TOOLS & SETTINGS" USE IT Cracking Hashed Passwords (MD5 Hashed)
Step 1: To crack passwords download, hashcathttps://hashcat.net/hashcat/ (choose hashcat binaries download) click on "v2.00" to download
EXAMPLE:
Step 2: Extract hashcat to a folder on your desktop using 7zip. Once extracted, go into hashcat folder and create 2 new .txt filesand 1 new folder file. Name one .txt file "hashes" and the other "cracked". Name the folder"wordlists".
Step 3: Go get some wordlists to put into your wordlist folder. type"hashcat wordlist" into google and grab all you can (: any word or password can be used in your wordlist. make it nice and big lots of gigs if possible the more the better.
Step 4: Once you have wordlists in your wordlist folder you created, you are ready to start and trycracking. go grab a combo you got from SQLi Dumper that was hashed and copy and paste it into the "hashes.txt" file you created.
Step 5: opencmd by going to yourstart button on your desktopandclick it then type "cmd"thenright click the one that says cmd & open as administrator ( I needed to for my pc, you might not need to for yours )
Step 6: when the cmd window is open. first thing is type CD then click space. anddrag your main hashcat folder right onto the cmd window then press enter.
hashcat.exe-m 0 --usernamehashes.txtwordlist.folder
( Blue color is what gets dragged not typed )
Step 7: cmd is now inside hashcat, if you are using a 32 bit PC drag hashcat-cli32.exe into the cmd window now. if you are64 bit drag hashcat-cli64.exe instead. press space and type-m 0 --username press space and drag your "hashes.txt" over, press space again and drag your wordlist folder over into cmd windows as well.press space then enter it will startCracking the hashed combo you had in your hashes.txt with the wordlists you have in yourwordlist folder.
hashcat.exe-m 0 --username --showhashes.txt--outfile-format=2 -ocracked.txt
( Blue color is what gets dragged not typed )
Step 8: once it has finished. justkeep cmd window open and again drag your 32 or 64 bit exe over first. then press space and type-m 0 --username --show press space and drag your "hashes.txt" file over press space and then type --outfile-format=2 -o press space anddrag your "dehashed.txt" file over then press space and press enter. your combo should now appear in your cracked.txt file with theusernames:passwords dehashed (:
Step 9: If theylook like a mess in the cracked.txt file, like "user:passuser:passuser:pass" then just download Notepad++ https://notepad-plus-plus.org/download/v6.9.1.html
and open notepad++ and copy and paste the cracked.txt file combos into notepad++ and they will all look all in neat order now (: then just click save as and save it as something new and it will come out as user:pass Instead so you can now run it on a combo checker.
user:pass
user:pass
THERE ALL DONE